STS-Tool

General Information

Tool Name

Version

Group

Web page (if available)

Main Purpose of the Tool

The Socio-Technical Security modeling language (STS-ml) is an actor- and goal-oriented modeling language for the specification of security and trustworthiness requirements of systems operating in a cross-organizational environment. The language is built on top of social concepts, such as role, agent, goal, delegation, authorization, etc. STS-Tool is the modelling and analysis support tool for STS-ml; it is an Eclipse RCP application and supports multi-view modeling.

i* Variant supported

STS-ml: Socio-Technical Security modeling language

Availability of the tool

(x) For i* modelling only

( ) For development only

( ) Both

Programming Language

Java, based on Eclipse and the Eclipse GMF project

Platform Supported

Windows, Linux, Mac (both 32- and 64-bit for Linux and Mac)

Current state of the tool

Available for public use. Version 1.3.0 is the latest version released (see web site).
We are planning to release version 1.3.1 in spring 2013, and version 2.0 in summer 2013.

Ongoing work

Improving usability, bug fixing, adding further analysis techniques

i* Modelling Suitability

1. Does the tool allow SD modelling?

No

2. Does the tool allow SR modelling?

No

3. Does the tool allow working with SD & SR models jointly?

No

4. Does the tool allow the construction of the models graphically?

Yes, drag-and-drop from a palette of elements and relationships

5. Does the tool allow the construction of the models textually?

No

6. Describe how the elements are modelled and their flexibility (i.e., the elements can be moved and reordered).

The elements can be moved, deleted, copied, pasted, renamed.

The elements can be arranged automatically (default feature in Eclipse GMF) to avoid overlaps.

7. Describe how the dependency links are modelled and their flexibility (i.e., dependencies are modelled with straight lines that can not be redirected).

8. Does the tool allow automatic organization of the elements?

Yes

9. Other modelling facilities provided by the tool:

Inter-view consistency is maintained by hiding or showing elements in different views, keeping connection points throughout all views, and providing a customized palette in each view.

10. Does the tool check SD models?

No

11. Does the tool check SR models?

No

12. Other checks provided by the tool (i.e., cross validation between SD and SR models).

Syntactic checks are performed on the fly to ensure validity of models.

13. Does the tool allow working with two or more models at the same time?

Yes

14. Does the tool allow grouping models into projects?

Yes

15. Does the tool allow working with two or more projects at the same time?

Yes

16. What are the other functionalities that the tool provides?

Multi-view modelling

Inter-view consistency

Consistency analysis: syntactic post checks that are expensive to perform on the fly

Security analysis: manage inconsistencies in security requirements

Risk analysis: given input on events threatening actors' assets, how do they propagate to other elements or relationships?

Usability

17. Rate the understandability of the user interface

( ) Internal use

( ) Ready for public use

(x) Has been used publicly

If it is not ready for public use, mark one or more of the following:

( ) not in English

( ) writing not polished

( ) poor usability (colours, ...)

( ) others: please specify

Expected date for public use (if any):

18. Rate the quality of the user manual

( ) Inexistent

( ) Internal use

(x) Ready for public use

( ) Has been used publicly

If user manual for internal use, mark one or more of the following:

( ) incomplete

( ) obsolete

( ) not in English

( ) writing not polished

( ) others: please specify

Expected date for public use (if any):

19. Does the tool provide i* learning facilities?

Yes, the manuals and tutorials describe the STS methodology for security requirements engineering.

20. Does the tool provide any examples for the users?

Yes, examples are provided on the website both for the latest version of the tool and for previous versions. The latter are kept in the Archive.

21. Rate the difficulty of installing the tool

( ) Copy files and initializing paths

(x) Copy files

( ) Executable installation file provided

Maturity of the Tool

22. Rate the maturity of the tool from the user point of view:

( ) Under Development

( ) Prototype

( ) Ready for public use

(x) Has been used publicly

If not for public use, mark one or more of the following:

( ) incomplete

( ) occasional testing

( ) non-exhaustive testing

( ) non-persistent data

( ) poor efficiency

( ) not portable

( ) others: please specify

Expected date for public use (if any):

23. Has the tool been used for any case study?

Yes. The tool has been used to model three industrial case studies developed in the scope of the FP7 European Project Aniketos, namely case studies on eGovernment, Air Traffic Management Control, and Telecommunications.
Additionally, it has been used in a user study performed with students from the University of Trento, who had developed their case studies for the course projects on Organisational Information Systems and Requirements Engineering.

24. Has the tool been tested in large models?

Yes

25. Has the tool any drawback when working with very large models?

No

26. Which is approximately the maximum size of the model (in terms of actors and dependencies) the tool has been used for?

250 elements

Extensibility and Interoperability

27. Does the tool allow importing files?

Yes, files created with older versions of the tool, for compatibility reasons